Allow access to one particular Vlan from all other Vlans

Unanswered Question


I need created vlan2(,vlan3(,vlan4(,vlan5( on my 3560 L3 switch.

I placed a network printer in my Vlan6(

I want all the vlans to able to access the printer.But except Vlan6 none of the vlans should be able to talk to each other.How can I achieve this?

Also all vlans should be able to go to internet and can browse.

Topology is like internet--->router(Natted)--->Switch(VLANS here).

Any idea/hint would be of gr8 help.



  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
huzefamerji Tue, 04/22/2008 - 23:56
User Badges:

Dear you have not clearly mention .........i guess.........have u set .....interface vlan or not to each vlan

huzefamerji Tue, 04/22/2008 - 23:59
User Badges:

Configuration looks like this..........

configure(terminal)interface vlan 2

ip address

likewise to each and every vlan.....

you know why this would do layer 3 routing

if u get me pls reply

huzefamerji Wed, 04/23/2008 - 00:24
User Badges:


i should see that in you case layer 3 routing is not working thats it.....

otherwise your switch is multilayer it shoud work

Thanks for the info.I am just using entry level L3 switch.Here is the config for the same.Forget about communciation about vlans.


interface ehternet0/0

ip address 122.x.x.114/30

ip nat outside

interface ethernet0/1

ip nat inside


access-list 101 permit ip any

ip nat inside source list 101 interface ethernet0/0 overload

Ip route eth0/0

Ip name- server dns1

Ip name-server dns2

Switch L3:

Switch 3560(Config)#

Interface Fe0/48

Description to internet router

No switchport

IP routing

IP address

VTP Domain Cisco

VTP mode Server

Vlan_2 name Engineer

IP address

Vlan_3 name marketing

IP address

Int Fe0/2

Switchport access Vlan_2

Switchport mode access

Int Fe0/2

Switchport access Vlan_3

Switchport mode access

IP route (i.e the IP of the internal int of the router)

Now I am able to ping the from and network.But not able to ping gateway of the router.

I also created one more access list on router to learn the router inside traffic from VLAN network with following command.

Ip route the ip of the switch).

Still nothing seems to happening.

I just want to use different vlans and needs to access internet and don't want the vlans to communicate among each other.(Without using vlan I am able to access internet thorugh default vlan i.e using native vlan)

Suggest what all I am missing.



jdeprince Wed, 04/23/2008 - 14:17
User Badges:


this is my first post ever! (just got my CCNA


I find that reading these posts and their comments

and solutions help me understand it even more.

Unfortunatly, I haven't seen L3 switches yet.

But could you show us the IP routing table

from the switch and router ?


This Discussion